CVE-2024-42310

MEDIUM EPSS 13.2%
Published Aug 17, 20241y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 17, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode_duplicate(). Add a check to avoid npd.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥3.3  –  <4.19.320
linuxlinux_kernel*≥4.20  –  <5.4.282
linuxlinux_kernel*≥5.5  –  <5.10.224
linuxlinux_kernel*≥5.11  –  <5.15.165
linuxlinux_kernel*≥5.16  –  <6.1.103
linuxlinux_kernel*≥6.2  –  <6.6.44
linuxlinux_kernel*≥6.7  –  <6.10.3

References 10

  • git.kernel.org https://git.kernel.org/stable/c/08f45102c81ad8bc9f85f7a25e9f64e128edb87d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2d209b2f862f6b8bff549ede541590a8d119da23
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/977ee4fe895e1729cd36cc26916bbb10084713d6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a658ae2173ab74667c009e2550455e6de5b33ddc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b6ac46a00188cde50ffba233e6efb366354a1de5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cb520c3f366c77e8d69e4e2e2781a8ce48d98e79
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e74eb5e8089427c8c49e0dd5067e5f39ce3a4d56
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f392c36cebf4c1d6997a4cc2c0f205254acef42a
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/08f45102c81ad8bc9f85f7a25e9f64e128edb87d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2d209b2f862f6b8bff549ede541590a8d119da23
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/977ee4fe895e1729cd36cc26916bbb10084713d6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a658ae2173ab74667c009e2550455e6de5b33ddc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b6ac46a00188cde50ffba233e6efb366354a1de5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cb520c3f366c77e8d69e4e2e2781a8ce48d98e79
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e74eb5e8089427c8c49e0dd5067e5f39ce3a4d56
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f392c36cebf4c1d6997a4cc2c0f205254acef42a
    Patch